Friday, January 11, 2008

MySpace page fakes Microsoft security update, installs malware

McAfee has reportedly claimed that a MySpace profile is serving up a fraudulent Microsoft security update that attempts to load malware if clicked. The attack scenario relies on new friend requests being sent to MySpace users. If you click on the person's picture or name link to view their profile, a profile page appears, overlaid with an apparently legitimate Windows 'Automatic Updates' pop-up box. Clicking on (or even near) the pop-up triggers a request to download a file from a server: a fake Microsoft update called 'updateKB890830.exe'.
The profile supposedly belongs to a 42-year-old woman from Arkansas, and appears to exist solely for the purpose of spreading the malicious program. McAfee says that both Microsoft and MySpace have been contacted. However, as of now the page is still available on the MySpace site.